JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.0.201

65.111.0.201 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.0.201

Whois 65.111.0.201

IP Abuse Reports for 65.111.0.201:

This IP address has been reported a total of 47 times from 25 distinct sources. 65.111.0.201 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Carsten	2026-05-21 01:47:26 (2 weeks ago)	GET [.aws/credentials]	Port Scan
🇳🇱 e.fierstra	2026-05-11 12:02:43 (3 weeks ago)	Apache-badbot jail block	Bad Web Bot
🇨🇭 4server	2026-04-29 20:33:20 (1 month ago)	[WedApr2922:33:15.4971912026][security2:error][pid3141159:tid3141340][client65.111.0.201:0]ModSecuri ... show more [WedApr2922:33:15.4971912026][security2:error][pid3141159:tid3141340][client65.111.0.201:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"ristrutturazione-case.ch\"][uri\"/.env\"][unique_id\"afJrC-hxM-0XRUKQXpNHNQAAAEU\"] show less	Hacking Web App Attack
Anonymous	2026-04-14 19:59:42 (1 month ago)	Forum/form spam	Web Spam
🇺🇸 wordpresshosting.solutions	2026-04-11 16:37:40 (1 month ago)	WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 65.111.0.201 - - [11/Apr/2026:1 ... show more WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 65.111.0.201 - - [11/Apr/2026:16:37:39 +0000] "GET /wp-login.php?redirect_to=https%3A%2F%2F[DOMAIN]%2Fbest-meshtastic-alternatives-2026%2F HTTP/1.1" 200 6932 "https://[DOMAIN]/best-meshtastic-alternatives-2026/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 65.111.0.201 - - [11/Apr/2026:16:37:39 +0000] "GET /wp-login.php HTTP/1.1" 200 3416 "https://[DOMAIN]/wp-login.php?redirect_to=https%3A%2F%2F[DOMAIN]%2Fbest-meshtastic-alternatives-2026%2F" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
Anonymous	2026-03-12 00:40:49 (2 months ago)	Forum/form spam	Web Spam
🇪🇸 masterguru	2026-03-04 20:46:30 (3 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)	Web App Attack
🇬🇧 relianoid.com	2026-03-04 12:41:33 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-02-15 01:38:50 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 fbarela	2026-01-25 04:00:53 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇬🇧 Swiptly	2026-01-21 16:26:39 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 myagent.site	2026-01-20 21:43:35 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-20 19:48:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 14:48:10.827637 2026] [security2:error] [pid 20013:tid 20013] [client 65.111.0.201:12397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/.env"] [unique_id "aW_b-saZYusYrDQWzJZqxQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:24:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:23:59.171082 2025] [security2:error] [pid 32142:tid 32142] [client 65.111.0.201:36113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "olgapottery.com"] [uri "/.svn/wc.db"] [unique_id "aS88zxLIylbejvOinn3YFgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:40:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:40:50.422335 2025] [security2:error] [pid 31895:tid 31895] [client 65.111.0.201:20855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmelson.com"] [uri "/.env"] [unique_id "aS8koh52O0DmZD9Bc-s02wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 47.236.252.83

🇳🇱 45.156.87.216

🇧🇪 207.175.86.219

🇨🇳 183.191.28.83

🇨🇳 119.118.247.169

🇨🇳 116.178.128.42

🇨🇳 116.30.125.141

🇺🇸 74.7.242.18

🇳🇱 45.142.193.169

🇦🇪 20.203.42.204

🇸🇬 47.236.68.164

🇳🇱 45.148.10.152

🇱🇧 45.129.136.15

🇺🇸 34.74.21.173

🇧🇬 5.188.206.30

🇺🇸 209.97.151.220

🇳🇱 176.65.148.135

🇺🇸 173.239.211.144

🇮🇳 157.33.46.183

🇷🇴 109.100.14.222